以下は、CentOS 5, 6, 7上でnginxを構築した際のメモ。
ngx_slowfs_cache-1.10、ngx_cache_purge-2.3、zlib-1.2.11、openssl-1.0.2lを使用、かつPerlはspawn-fcgi、PHPはphp-fpmを使用して作動させることにしました。
事前準備
[root@localhost ~]# useradd -s /sbin/nologin nginx ← nginxユーザー作成
[root@localhost ~]# mkdir -p /var/{log,run}/nginx ← log,runディレクトリ作成
[root@localhost ~]# chown nginx:nginx /var/{log,run}/nginx/ ← log,runディレクトリ権限変更
[root@localhost ~]# mkdir -p /var/cache/nginx/{proxy_cache,temp} ← proxy_cache,tempディレクトリ作成
[root@localhost ~]# chown -R nginx:nginx /var/cache/nginx ← nginxディレクトリ以下の権限変更
[root@localhost ~]# mkdir -p /var/www/html ← htmlディレクトリ作成
[root@localhost ~]# chown -R nginx:nginx /var/www ← wwwディレクトリ以下の権限変更
[root@localhost ~]# yum -y install pcre pcre-devel ← pcre,pcre-develパッケージをインストール
[root@localhost ~]# cd /usr/local/src ← ソースのダウンロードおよび解凍ディレクトリへ移動
nginx-1.13.4
[root@localhost ~]# wget http://nginx.org/download/nginx-1.13.4.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf nginx-1.13.4.tar.gz ← 解凍
ngx_slowfs_cache-1.10
[root@localhost ~]# wget http://labs.frickle.com/files/ngx_slowfs_cache-1.10.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf ngx_slowfs_cache-1.10.tar.gz ← 解凍
ngx_cache_purge-2.3
[root@localhost ~]# wget http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf ngx_cache_purge-2.3.tar.gz ← 解凍
zlib-1.2.11
[root@localhost ~]# wget http://zlib.net/fossils/zlib-1.2.11.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf zlib-1.2.11.tar.gz ← 解凍
openssl-1.0.2l
[root@localhost ~]# wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf openssl-1.0.2l.tar.gz ← 解凍
ゴミの削除
[root@localhost ~]# rm -f *.tar.gz
nginxのコンパイルおよびインストール
[root@localhost ~]# cd nginx-1.13.4/
[root@localhost ~]# ./configure --prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--lock-path=/var/lock/nginx.lock \
--pid-path=/var/run/nginx.pid \
--add-module=/usr/local/src/ngx_cache_purge-2.3 \
--add-module=/usr/local/src/ngx_slowfs_cache-1.10 \
--with-zlib=/usr/local/src/zlib-1.2.11 \
--with-openssl=/usr/local/src/openssl-1.0.2l \
--with-http_addition_module \
--with-http_ssl_module \
--with-http_realip_module
[root@localhost ~]# make && make install
[root@localhost ~]# echo $? ← 戻り値確認
initスクリプト作成
CentOS 5, 6
[root@localhost ~]# vim /etc/init.d/nginx ← initスクリプト作成
-------------------------ここから-------------------------
#!/bin/sh
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
nginx="/usr/sbin/nginx"
prog=$(basename $nginx)
sysconfig="/etc/sysconfig/$prog"
lockfile="/var/lock/subsys/nginx"
pidfile="/var/run/${prog}.pid"
NGINX_CONF_FILE="/etc/nginx/nginx.conf"
[ -f $sysconfig ] && . $sysconfig
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $pidfile $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest_q || return 6
stop
start
}
reload() {
configtest_q || return 6
echo -n $"Reloading $prog: "
killproc -p $pidfile $prog -HUP
echo
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
configtest_q() {
$nginx -t -q -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
# Upgrade the binary with no downtime.
upgrade() {
local oldbin_pidfile="${pidfile}.oldbin"
configtest_q || return 6
echo -n $"Upgrading $prog: "
killproc -p $pidfile $prog -USR2
retval=$?
sleep 1
if [[ -f ${oldbin_pidfile} && -f ${pidfile} ]]; then
killproc -p $oldbin_pidfile $prog -QUIT
success $"$prog online upgrade"
echo
return 0
else
failure $"$prog online upgrade"
echo
return 1
fi
}
# Tell nginx to reopen logs
reopen_logs() {
configtest_q || return 6
echo -n $"Reopening $prog logs: "
killproc -p $pidfile $prog -USR1
retval=$?
echo
return $retval
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest|reopen_logs)
$1
;;
force-reload|upgrade)
rh_status_q || exit 7
upgrade
;;
reload)
rh_status_q || exit 7
$1
;;
status|status_q)
rh_$1
;;
condrestart|try-restart)
rh_status_q || exit 7
restart
;;
*)
echo $"Usage: $0 {start|stop|reload|configtest|status|force-reload|upgrade|restart|reopen_logs}"
exit 2
esac
-------------------------ここまで-------------------------
[root@localhost ~]# chmod 755 /etc/init.d/nginx
CentOS 7
[root@localhost ~]# vim /lib/systemd/system/nginx.service ← serviceスクリプト作成
-------------------------ここから-------------------------
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
-------------------------ここまで-------------------------
[root@localhost ~]# systemctl daemon-reload
EPELのインストール
CentOS 5, 6
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm ← CentOS6(32ビット)の場合
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm ← CentOS6(64ビット)の場合
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/5/i386/epel-release-5-4.noarch.rpm ← CentOS5(32ビット)の場合
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/5/x86_64/epel-release-5-4.noarch.rpm ← CentOS5(64ビット)の場合
CentOS 7
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/7/x86_64/e/epel-release-7-8.noarch.rpm
spawn-fcgiのダウンロードおよび解凍
[root@localhost ~]# yum -y install fcgi fcgi-devel spawn-fcgi
[root@localhost ~]# ln -s /usr/bin/perl /usr/local/bin/perl
[root@localhost ~]# cd /usr/local/src
[root@localhost ~]# wget http://github.com/gnosek/fcgiwrap/tarball/master -O fcgiwrap.tar.gz
[root@localhost ~]# tar zxvf fcgiwrap.tar.gz
spawn-fcgiのコンパイルおよびインストール
[root@localhost ~]# cd gnosek-fcgiwrap-*
[root@localhost ~]# autoreconf -i
[root@localhost ~]# ./configure
[root@localhost ~]# make && make install
[root@localhost ~]# echo $? ← 戻り値確認
[root@localhost ~]# vim /etc/sysconfig/spawn-fcgi
-------------------------ここから-------------------------
OPTIONS="-u nginx -g nginx -a 127.0.0.1 -p 9001 -P /var/run/spawn-fcgi.pid -- /usr/local/sbin/fcgiwrap" ← 追加
-------------------------ここまで-------------------------
spawn-fcgiの自動起動設定およびサービス起動
CentOS 5, 6
[root@localhost ~]# chkconfig spawn-fcgi on
[root@localhost ~]# chkconfig --list | grep spawn-fcgi
spawn-fcgi 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost ~]# /etc/rc.d/init.d/spawn-fcgi start
CentOS 7
[root@localhost ~]# systemctl enable spawn-fcgi.service
[root@localhost ~]# systemctl list-unit-files | grep spawn-fcgi
spawn-fcgi.service enabled
[root@localhost ~]# systemctl start spawn-fcgi
php-fpmのダウンロードおよびインストール
[root@localhost ~]# yum --enablerepo=epel install php-fpm
[root@localhost ~]# vim /etc/php-fpm.d/www.conf
-------------------------ここから-------------------------
; user = apache ← コメントアウト
user = nginx ← 追加
; group = apache ← コメントアウト
group = nginx ← 追加
-------------------------ここまで-------------------------
php-fpmの自動起動設定およびサービス起動
CentOS 5, 6
[root@localhost ~]# chkconfig php-fpm on
[root@localhost ~]# chkconfig --list | grep php-fpm
php-fpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost ~]# /etc/rc.d/init.d/php-fpm start
CentOS 7
[root@localhost ~]# systemctl enable php-fpm.service
[root@localhost ~]# systemctl list-unit-files | grep php-fpm
nginx.service enabled
[root@localhost ~]# systemctl start php-fpm
nginx.conf編集
[root@localhost ~]# vim /etc/nginx/nginx.conf
-------------------------ここから-------------------------
user nginx;
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 1024;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
keepalive_timeout 65;
types_hash_max_size 2048;
proxy_cache_path /var/cache/nginx/proxy_cache levels=1:2 keys_zone=czone:4m inactive=7d max_size=50m;
proxy_temp_path /var/cache/nginx/temp;
proxy_cache czone;
proxy_cache_key "$scheme://$host$request_uri";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Remote-Addr $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_send_timeout 30;
proxy_read_timeout 60;
include /etc/nginx/conf.d/*;
}
-------------------------ここまで-------------------------
インクルード用コンフィグファイル作成
[root@localhost ~]# mkdir /etc/nginx/conf.d ← インクルード用コンフィグディレクトリ作成
[root@localhost ~]# vim /etc/nginx/conf.d/<コンフィグファイル名>.conf
-------------------------ここから-------------------------
server {
listen 80;
server_name <ホスト名/IPアドレス>;
access_log /var/log/nginx/<ホスト名/IPアドレス>.access.log;
error_log /var/log/nginx/<ホスト名/IPアドレス>.error.log;
location / {
root /var/www/html;
index index.html index.htm;
}
location ~ [^/]\.cgi(/|$) {
fastcgi_split_path_info ^(.+\.cgi)(/.+)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
root /var/www/html;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.cgi;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
root /var/www/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
deny all;
proxy_cache_purge czone "$scheme://$host$1$is_args$args";
}
}
-------------------------ここまで-------------------------
nginxのログローテーション設定
[root@localhost ~]# vim /etc/logrotate.d/nginx
-------------------------ここから-------------------------
/var/log/nginx/*log {
daily
rotate 31
dateext
missingok
notifempty
sharedscripts
compress
postrotate
/sbin/service nginx reload > /dev/null 2>/dev/null || true
endscript
}
-------------------------ここまで-------------------------
nginxの自動起動設定およびサービス起動
CentOS 5, 6
[root@localhost ~]# chkconfig nginx on
[root@localhost ~]# chkconfig --list | grep nginx
nginx 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost ~]# /etc/init.d/nginx start
CentOS 7
[root@localhost ~]# systemctl enable nginx.service
[root@localhost ~]# systemctl list-unit-files | grep nginx
nginx.service enabled
[root@localhost ~]# systemctl start nginx.service
Perlの動作テスト
[root@localhost ~]# vim /var/www/html/index.cgi
-------------------------ここから-------------------------
#!/usr/bin/perl
print "Content-type: text/plain\n\n";
print `perl -v`;
print `perl -V`;
print `find \`perl -e 'print "@INC"'\` -name '*.pm' -print`;
-------------------------ここまで-------------------------
[root@localhost ~]# chown nginx:nginx /var/www/html/index.cgi
[root@localhost ~]# chmod 775 /var/www/html/index.cgi
[root@localhost ~]# curl http://<ホスト名/IPアドレス>/index.cgi
PHPの動作テスト
[root@localhost ~]# vim /var/www/html/index.php
-------------------------ここから-------------------------
<?php
phpinfo();
?>
-------------------------ここまで-------------------------
[root@localhost ~]# chown nginx:nginx /var/www/html/index.php
[root@localhost ~]# chmod 775 /var/www/html/index.php
[root@localhost ~]# curl http://<ホスト名/IPアドレス>/index.php